This class provides, within a computer or digital data processing
system, for processes or apparatus for increasing a system's extension
of protection of system hardware, software, or data from maliciously
caused destruction, unauthorized modification, or unauthorized disclosure.

INFORMATION SECURITY

This class provides for protection of data processing systems,
apparatus, and methods as well as protection of information and
services. Subject matter included in this class includes security
policies, access control, monitoring, scanning data, countermeasures,
usage control, and data protection from maliciously caused destruction,
unauthorized modification, or unauthorized disclosure. This class
also includes protection of hardware, and user protection, e.g.,
privacy, etc.

Data Processing: Financial, Business Practice, Management,
or Cost/Price Determination,
subclass 18 for security in an electronic cash register or
point of sale terminal having password entry mode, and subclass
44 for authorization or authentication in a credit transaction or
loan processing system.

Electrical Computers and Digital Data Processing
Systems: Input/Output,
subclasses 36 through 51 for regulating access of peripherals to computers
or vice-versa; subclasses 107-125 for regulating access of processors
or memories to a bus; and subclasses 200-240 for general purpose
access regulating and arbitration.

The prevention of unauthorized access to resources of
a system or information system, including the prevention of their
use in an unauthorized manner.

INFORMATION

Data with meaning concerning a particular act or circumstance
in general. Note: May include or consist of graphics or text or
numerical or non-numerical values.

MONITORING

Subject matter includes means of watching, tracking, inspecting,
or analyzing system or user activity. This includes auditing
system vulnerabilities and system configuration, assessing the
integrity of files within a system, identifying and recognizing
patterns that dictate known attacks, analyzing abnormal activity
patterns, recognizing user activity with regard to policy violations,
and managing operating system audit trails.

POLICY

Rules for protecting information, services and other
data processing resources.

USAGE CONTROL

Subject matter includes means for placing restrictions on computer
and/or user use of applications.

USER PROTECTION/PRIVACY

Subject matter includes means for ensuring the state
or integrity of information or data associated with a user.

This subclass is indented under the class definition. Subject matter comprising systems, methods, and apparatus
that provide for the administration and management of rules or regulations
governing the protection of information, services and other data
processing resources involving coordination of more than one security
mechanism among a plurality of entities, resources, or processes.

This subclass is indented under the class definition. Subject matter comprising systems, methods, and
apparatus for the prevention of unauthorized access to resources
of a system or information system, including the manner
of identifying and verifying the entity, process, or mechanism
requesting access to the resource.

(1) Note. This subclass is directed to access control
in information security systems. The concept of access
control exists throughout the class. Therefore, a
search to a particular concept of access control should consider
the related topics in bus access control, memory access
control, computer system access control, generic access
control, etc.

Cryptography, appropriate subclasses for systems employing encrypted
user or record actuated authentication, and for digital
control or digital computer communication in which an encrypting
or decrypting device utilizes a digital signal manipulation technique
on the computer signal, and
subclasses 247 through 250 for cellular telephone cryptographic authentication.

Data Processing: Financial, Business Practice, Management, or
Cost/Price Determination,
subclass 18 for an electronic cash register having cryptography; and
subclass 44 for a general funds transfer or credit transaction requiring
authorization or authentication not including a cryptographic limitation.

This subclass is indented under subclass 3. Subject matter including a device installed between internal
(private) networks and outside networks (public) and which protects
the internal network from network-based attacks that may originate
from the outside and provides a traffic point where security constraints and
audits may be affected.

This subclass is indented under subclass 11. Subject matter including a multi-ported internetworking
device that applies a set of rules to each incoming IP packet in
order to decide whether it is to be forwarded or dropped.

(1) Note. The filtering usually takes place on information contained
in the headers, such as protocol numbers, source or destination
addresses/ports, TCP connections, and other options. The
filtering may be dynamic or static.

(2) Note. The packet filter may be different and distinct from
routers; see note on routers. Routers are
internetworking devices that run a custom operating system to transfer
packets between two or more physically separated network segments
(via the use of routing tables). This device operates at the network
level of the OSI model, or the Internet level of the Internet model.

(3) Note. Some routers have a scanning ability and are known as screening routers, effectively becoming
a packet-filtering device.

This subclass is indented under subclass 11. Subject matter including a set of rules, procedures,
or conventions governing the format and relative timing of message
exchange between two communications terminals to prevent unauthorized
intrusion or interference (i.e., attacks).

This subclass is indented under subclass 14. Subject matter wherein the protocol is used for a software-defined
network offering the appearance, functionality, and usefulness of
a dedicated private network or for a terminal that is defined as
a standard on the network that can handle diverse terminals.

This subclass is indented under subclass 2. Subject matter wherein the access control or authentication
includes the means of limiting access to the resources of a system
based on a single computer or end user level.

(1) Note. The end user level is the occupant of the premises who
uses the product.

This subclass is indented under subclass 16. Subject matter wherein the access control or authentication
includes permitting the use of rights, privileges, and permissions
in the stand-alone network environment.

This subclass is indented under subclass 17. Subject matter wherein the authorization includes systems,
methods, and apparatus for using information supplied to authenticate
a communication to establish the identity of the bearer.

MONITORING OR SCANNING OF SOFTWARE OR DATA INCLUDING ATTACK
PREVENTION:

This subclass is indented under the class definition. Subject matter comprising systems, methods, and apparatus
for ensuring data integrity by scanning of software or data or otherwise
monitoring data to prevent or detect attacks.

This subclass is indented under subclass 22. Subject matter wherein monitoring or scanning of software
or data includes methods or systems to evaluate the defensive capabilities
of a system, process, apparatus, or entity against attacks.

(1) Note. The subject matter of this subclass is primarily concerned
with keeping out intruders and preventing attacks as opposed to
authenticating users.

PREVENTION OF UNAUTHORIZED USE OF DATA INCLUDING PREVENTION
OF PIRACY, PRIVACY VIOLATIONS, OR UNAUTHORIZED DATA MODIFICATION:

This subclass is indented under the class definition. Subject matter comprising systems, methods, and apparatus
for prohibiting any impersonation, unauthorized browsing, falsification
or theft of data, or alteration of data not consistent with defined
security policy.

Data Processing: Generic Control Systems or Specific
Applications,
subclasses 225 through 227 for data processing article handling system having
identification code, and subclass 237 for an operator or payment initiated
dispensing or ending data processing system having password or PIN
authorization.

Data Processing: Financial, Business Practice,
Management, or Cost/Price Determination,
subclass 18 for security in an electronic cash register or point
of sale terminal having password entry mode; subclasses 57 and 58
for preventing access to or copying of stored information in a distributed data
file.

This subclass is indented under subclass 26. Subject matter wherein the prevention of unauthorized
use of data includes means to limit number or amount of electronic
copies of the data that can be made.

Communications: Electrical,
subclasses 287 through 309 for a signal box alarm arrangement, particularly subclass
288 for alarm transmission over a power line; subclasses 426.1-426.36
for vehicle alarms or indication of burglary or unauthorized use; and
subclasses 541-567 for an intrusion responsive indicator or alarm.
